FEDORA-FLATPAK-2023-603ba8f000
Packages in this update:
firefox-stable-3720230214124622.1
Update description:
Firefox 110.0 release. For details, see https://www.mozilla.org/en-US/firefox/110.0/releasenotes/
apptainer-1.1.6-1.fc37
Update to upstream 1.1.6
apptainer-1.1.6-1.el9
Update to upstream 1.1.6
apptainer-1.1.6-1.el8
Update to upstream 1.1.6
apptainer-1.1.6-1.fc36
Update to upstream 1.1.6
apptainer-1.1.6-1.el7
Update to upstream 1.1.6
python-fastapi-0.92.0-1.fc39
python-starlette-0.25.0-1.fc39
Limit the number of fields and files when parsing multipart/form-data on the MultipartParser
🚨 This is a security fix. Please upgrade as soon as possible.
⬆ Upgrade Starlette to 0.25.0.
This solves a vulnerability that could allow denial of service attacks by using many small multipart fields/files (parts), consuming high CPU and memory.
Only applications using forms (e.g. file uploads) could be affected.
For most cases, upgrading won’t have any breaking changes.
python-fastapi-0.92.0-1.fc38
python-starlette-0.25.0-1.fc38
Limit the number of fields and files when parsing multipart/form-data on the MultipartParser
🚨 This is a security fix. Please upgrade as soon as possible.
⬆ Upgrade Starlette to 0.25.0.
This solves a vulnerability that could allow denial of service attacks by using many small multipart fields/files (parts), consuming high CPU and memory.
Only applications using forms (e.g. file uploads) could be affected.
For most cases, upgrading won’t have any breaking changes.
The last year saw a rise in the sophistication and number of attacks targeting industrial infrastructure, including the discovery of a modular malware toolkit that’s capable of targeting tens of thousands of industrial control systems (ICS) across different industry verticals. At the same time, incident response engagements by industrial cybersecurity firm Dragos showed that 80% of impacted environments lacked visibility into ICS traffic and half had network segmentation issues and uncontrolled external connections into their OT networks.
“A number of the threats that Dragos tracks may evolve their disruptive and destructive capabilities in the future because adversaries often do extensive research and development (R&D) and build their programs and campaigns over time,” the Dragos researchers said in a newly released annual report. “This R&D informs their future campaigns and ultimately increases their disruptive capabilities.”
Posted by Thomas Weber on Feb 14
CyberDanube Security Research 20230213-0
-------------------------------------------------------------------------------
title| Multiple Vulnerabilities
product| JetWave4221 HP-E, JetWave 2212G, JetWave 2212X/2212S,
       | JetWave 2211C, JetWave 2411/2111, JetWave 2411L/2111L,
       | JetWave 2414/2114, JetWave…